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REMARKS 



Claims 1-15, 17-62, 64-80 and 82-88 were examined. In this Office Action, the 
Examiner has rejected Claims 1-5, 10-25 and 28-47 under 35 USC 102(e) as being 
anticipated by Schenck et al (US Patent Publication No.: 2001/0021926) and Claims 6- 
9, and 26-27 under 35 USC 1 03(a) as being unpatentable over Schenck et al in view of 
Ozog et al (US Application Publication No.: 2003/0033528). The two cited references 
are referred to hereinafter as Schenck and Ozog, respectively, hereinafter. 

The Examiner is thanked for his thoughtful and timely review of the application. In 
the forgoing amendments, Claims 1, 20, 31 , 41, 47, 48, 67 and 78 have been amended. 
As a result, Claims 1-15, 17-62, 64-80 and 82-88 are now pending. Reconsideration of 
the pending claims is respectfully requested. 

Schenck was provided by the Applicants and deemed most closely related to the 
subject matter, or subject matters of the pending claims. However, the Applicants do not 
consider that Schenck is prior art, many recited features in the pending claims are 
neither taught nor suggested in Schenck. 

As shown in FIG. 1 and the description thereof (Col. 2, paragraphs 0086 and 
0087) in Schenck, data 106 is encrypted in the distributor 102 and sent as packaged 
data 108 to a user 104 after a payment 110. In other words, Schenck provides an on- 
demand data method. A server or the distributor 102 is configured to encrypt demanded 
data and transmit the demanded data in encryption to a demander (i.e., a user), namely, 
the encrypted data must be from the distributor 102 . 

In contrast, the twice-amended Claim 1 recites: 

establishing a secured link between a server providing the access control 
management and a client machine when an authentication request is 
received from the client machine, the authentication request including an 
identifier identifying a user of the client machine to access the electronic data, 
wherein the electronic data is not from the server but secured in a format 
including security information and an encrypted data portion, the security 
information including a file key and access rules and controlling restrictive 
access to the encrypted data portion; 
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(emphasis added) 

Contrary to Schenck, Claim 1 explicitly recites that a server provides the access 
control management but not the encrypted data (i.e., the encrypted data is not from this 
server ). As described in FIG. 1A and 1B and corresponding description thereof, the 
server 104 or 106 is configured to provide the access control management and in 
generally not used to encrypt a data file therefore the data Is not from the server. 
Evidently the recited features are neither taught nor suggested in Schenck. Accordingly, 
the Applicants submit Claim 1 and dependent claims 2-15 and 17-30 shall be allowable 
over Schenck or Ozog, viewed alone or in combination. Reconsideration of Claim 1-15 
and 17-30 is respectfully requested. 

Claim 20 recites more explicitly that data is not encrypted in a server by: 

maintaining a private kev and a public kev. both associated with the user, 
wherein the electronic data, when secured, includes a header and an 
encrypted data portion, the header further includes security information 
controlling who, how, when or where the secured electronic data can be 
accessed and the encrypted data portion is an encrypted version of the 
electronic data according to a predetermined cipher scheme; 

(emphasis added) 

According to Schenck, for data to be encrypted in a distributor 102 for distribution 
to a user, a distributor 102 must possess a public key. As described above, the server in 
the present invention is to provide access control management arid not to encrypt the 
data. As such, a client machine is used to encrypt data and decrypt encrypted data, and 
therefore, maintains a private key and a public key for an authorized user. Claim 20 
further explicitly recites "encrypting the security information with the public kev in the 
client machine w hen the electronic data is to be written into a store; and decrypting the 
security information with the private kev in the client machine w hen the electronic data 
is to be accessed by an application." (emphasis added) Evidently, the combined 
features are neither taught nor suggested in Schenck. In certain perspective, Schenck 
teaches away from the features of Claim 20 as one machine is required to possess a 
key to encrypt data and another machine is required to possess a counterpart key to 
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decrypt the received encrypted data. Accordingly, the Applicants submit Claim 20 and 
dependent claims 21-30 shall be allowable over Schenck or Ozog, viewed alone or in 
combination. Reconsideration of Claims 20-30 is respectfully requested. 

Claim 31 has been amended to further distinguish from Schenck. In particular, 
Claim 31 recites: 

receiving a request to access the electronic data in a store; 
determining security nature of the electronic data bv intercepting the electronic 
data moving from the store through an operating system layer to an 



(emphasis added) 

As shown in FIG. 3, data is stored in a store 308. When the data is accessed by 
an application 306, the data moves through the OS 304 in which the data is intercepted 
by a document securing module 302 to perform the determination of the security nature 
of the data and decryption of the encrypted data if the data is encrypted. Subsequently, 
the application receives the data in clear form. Such combined features recited In Claim 
31 are not at all taught or suggested in Schenck or Ozog, viewed alone or in 
combination. Accordingly, the Applicants respectfully request the Examiner to 
reconsider Claims 31-40 with the amendments. 

Claim 41, supported in FIG. 3, recites "a client machine executing a document 
securing module that operates in a path through which the electronic data is caused to 
pass when selected, the document securing module determining security nature of the 
electronic data, ... wherein the client machine and a user thereof are caused by the 
document securing module to be authenticated with the access control server when the 
security nature indicates that the electronic data is secured...". In contrast, Schenck 
sends demanded data in encryption to a user who has, for example, made a payment 
and is therefore authorized to access the data. There is no any teaching in Schenck 
about a document securing module (in a ciient machine) that causes both the client 
machine as well as the user to be authenticated when the document securing module 
determines that the data being accessed is secured. Accordingly, the Applicants 
respectfully request the Examiner to reconsider Claim 41. 



application for the data; 
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Claim 47 recites that M ...an access control server coupled to the client machine 
over a network and receiving a part of the electronic data including the encrypted 
security information from the client machine , the encrypted security information being 
decrypted with a user key associated with a user attempting to access the electronic 
data after both the user and the client machine are authenticated;" (emphasis added) In 
other words, a part of the secured file including the encrypted security information is 
transported to a server wherein the encrypted security information is decrypted with a 
user key in the server. Schenck encrypts data in a server (distributor) and sends off the 
encrypted data to user, and neither teaches nor suggests that the security information is 
decrypted in a server or the distributor. Accordingly, the Applicants submit that Claim 47 
shall be allowable over Schenck and respectfully request the Examiner to reconsider 
Claims 47. 

Claims 48-62 and 64-80, and 82-88 are rejected with similar reasons in the Office 
Action. The Applicants have amended Claims 48, 67 and 78 to clearly distinguish from 
the cited references and wish to apply the reasons presented above to support Claims 
48-62, 64-80, and 82-88. Accordingly, Claims 48-62, 64-80, and 82-88 are believed 
equally patentable over the cited references, viewed alone or in combination. 

In view of the above amendments and remarks, the Applicants believe that 
Claims 1-15, 17-62, 64-80 and 82-88 shall be in condition for allowance. Early and 
favorable action is being respectfully solicited. 

If there are any issues remaining which the Examiner believes could be resolved 
through either a Supplementary Response or an Examiners Amendment, the Examiner 
is respectfully requested to contact the undersigned at (408)777-8873. 
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